Bruce bruce at toorak.com
Wed Nov 15 03:01:04 GMT 2000

Thanks Martin,
Yes we have a heavy duty block on anything 137/138/139 amongst others.
We average 7500 attempted "hackhits" per week. Thats why I asked the question.

>Bruce wrote:
>> Hi there,
>> We have Samba 2.07 running wonderfully on SuSE linux in an internal
>>network of
>> Windows crap everywhere (98/NT/2000/ME/...) However to protect ourselves
>> from the the outside world, I only allow connections from an internal range
>> of Class C addresses. (192.168...) on an internal ethernet card. Nothing
>> else is permitted.
>> However to manage the site it would be nice to be able to use SWAT from the
>> Internet and connect to an external ethernet interface on port 901 and ONLY
>> allow transactions to port 901 and not 137/138/139 on that ethernet card.
>> Is there a way WITHOUT using IPCHAINS and WITHOUT enabling smb ethernet
>> on the external ethernet card.
>Yes, configure your firewall. You DO have a firewall between all that
>netbios nonsense and the internet, don't you?

More information about the samba mailing list